Subj : New Defects reported by Coverity Scan for Synchronet To : cov-scan@synchro.net From : scan-admin@coverity.com Date : Fri Dec 06 2024 13:41:13 Hi, Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan. 3 new defect(s) introduced to Synchronet found with Coverity Scan. 9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 515659: Resource leaks (RESOURCE_LEAK) /readmail.cpp: 814 in sbbs_t::readmail(unsigned int, int, int)() ________________________________________________________________________________________________________ *** CID 515659: Resource leaks (RESOURCE_LEAK) /readmail.cpp: 814 in sbbs_t::readmail(unsigned int, int, int)() 808 } 809 810 smb_close(&smb); 811 smb_stack(&smb,SMB_STACK_POP); 812 current_msg=NULL; 813 >>> CID 515659: Resource leaks (RESOURCE_LEAK) >>> Variable "mail" going out of scope leaks the storage it points to. 814 return lm_mode; 815 } 816 817 int sbbs_t::searchmail(mail_t *mail, int start, int msgs, int which, const char *search, const char* order) 818 { 819 char* buf; ** CID 515658: Error handling issues (CHECKED_RETURN) ________________________________________________________________________________________________________ *** CID 515658: Error handling issues (CHECKED_RETURN) /dupefind.c: 75 in display_filename() 69 char *display_filename(scfg_t *cfg, uint dirnum, uint32_t fil_off) 70 { 71 static char str[256]; 72 static smb_t smb; 73 if(smb_open_dir(cfg, &smb, dirnum) != SMB_SUCCESS) 74 return smb.last_error; >>> CID 515658: Error handling issues (CHECKED_RETURN) >>> Calling "smb_fseek(smb.sid_fp, (fil_off - 1U) * 128UL, 0)" without checking return value. It wraps a library function that may fail and return an error code. 75 smb_fseek(smb.sid_fp, (fil_off - 1) * sizeof(fileidxrec_t), SEEK_SET); 76 fileidxrec_t idx; 77 if(smb_fread(&smb, &idx, sizeof(idx), smb.sid_fp) != sizeof(idx)) { 78 smb_close(&smb); 79 return smb.last_error; 80 } ** CID 515657: Error handling issues (CHECKED_RETURN) /load_cfg.c: 627 in smb_open_dir() ________________________________________________________________________________________________________ *** CID 515657: Error handling issues (CHECKED_RETURN) /load_cfg.c: 627 in smb_open_dir() 621 if(filelength(fileno(smb->shd_fp)) < 1) { 622 smb->status.max_files = cfg->dir[dirnum]->maxfiles; 623 smb->status.max_age = cfg->dir[dirnum]->maxage; 624 smb->status.attr = SMB_FILE_DIRECTORY; 625 if(cfg->dir[dirnum]->misc & DIR_NOHASH) 626 smb->status.attr |= SMB_NOHASH; >>> CID 515657: Error handling issues (CHECKED_RETURN) >>> Calling "smb_create" without checking return value (as is done elsewhere 16 out of 17 times). 627 smb_create(smb); 628 } 629 return SMB_SUCCESS; 630 } 631 632 int get_lang_count(scfg_t* cfg) ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DArCi_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZBUi-2F07t06F46PFVW9NK8AEOuHmZrMv6aNSdOw0AIeo4ogvPzV8VRWZ8jRTfiHC12zKsA4sipybJiH6RgyZ0m7AfiNQvXpSFbavk3k9Q6PyWgsjGH13ueAcyWa7DsklJg0kfAfT7EZWBHjtJZZ7z9FYBEIQ4aPAWfq3llNwIH-2F5w-3D-3D --- þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net .